Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- ›
- About SARowe_NZ
About SARowe_NZ
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Sunday
41Posts
3Likes
1Solution
Jan 17, 2021Last Visited
User
Activity
User
Profile
Latest posts by SARowe_NZ
| Subject | Views | Posted |
|---|---|---|
| 906 | 06-04-2020 10:04 PM | |
| 3291 | 06-04-2020 09:43 PM | |
| 3323 | 06-04-2020 08:59 PM | |
| 3344 | 06-04-2020 08:31 PM | |
| 1116 | 06-03-2020 02:38 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 04-13-2020 01:07 PM | |
| 1 | 04-06-2020 04:32 PM | |
| 1 | 06-17-2019 01:07 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 1 | |||
| 1 | |||
| 1 | |||
| 2 |
User Badges
Public Statistics
| Date Registered | 03-21-2017 04:29 PM |
| Date Last Visited | Sunday |
| Total Messages Posted | 51 |
| Total Likes Received | 3 |
06-04-2020
09:43 PM
Thanks - given I'd be starting at the zero with python the learning curve would be too much and I'd need to dedicate too much time to justify it just for this. I have not looked at the powershell option though so that could definitely work, as I suspect it is much simpler for a script notice like me - I will check it out! Cheers, Shannon
... View more
06-04-2020
08:59 PM
Hey, That was an example - its actually lots of different configuration elements (policies / objects / VPNs etc). I'm moving config around between firewalls and different Templates/Device Groups on our Panorama. For the most part it is quite granular (per policy / vpn etc) which is the challenge. If it was all of them I could just use the root x-path for (e.g.) policies as the root x-path would have no spaces, but unfortunately much of this has to be done at individual item level. Cheers, Shannon
... View more
06-04-2020
08:31 PM
Hey Daniel, Thanks for that - appreciate your help! Unfortunately my knowledge of python is zero. Surely it must be possible to parse a space in the CLI x-path call. Cheers, Shannon
... View more
06-02-2020
09:41 PM
Hi, We are setting up user-ID with agents on member servers, checking domain controller event logs. We also run an internal globalprotect gateway. With both active and potentially providing the same user-ip mapping, which one does the firewall user? the one from GP or the one from the DCs? Thanks, Shannon
... View more
05-25-2020
01:41 AM
Hey - thanks for the response, unfortunately I have tried that and it still does not accept it. Does not like the syntax. I tried with single and double quotes. Thanks, Shannon
... View more
05-19-2020
08:56 PM
Note: just to clarify the actual policy name is " Policy Name Here" - the XML API Browser adds the "+" symbols shown in the original post automatically wherever a space exists, but the x-path call from the CLI does not seem to accept it.
... View more
05-19-2020
08:54 PM
Hi, The "load config partial from x-path" is great for copy or moving config but I can't work out how to get it to deal with spaces. e.g. if I want to copy a policy and the policy name has a space in it I can't get the correct syntax. The XML API Browser gives me an x-path of .../entry[@name='Policy+Name+Here'] however the CLI returns an error "Server error : Failed to compose effective config to load. input file doesn't have anything at ..." If I take the spaces out it works perfectly. How do you get x-path to process spaces? Thanks, Shannon
... View more
05-19-2020
08:49 PM
Hey,
Thanks for the response. Yes I have tried not selecting Option A and I do have a policy file and a Rulebase file.
The Objects_5_0.C definitely contains data.
Anyone have any ideas? Really hoping to use the Expedition tool for this as migrating these manually will be a nightmare...
Cheers,
Shannon
... View more
05-10-2020
04:37 PM
Hi,
I'm trying to migrate a CP to Palo Alto via Expedition.
I've been provided the CP files as per below screen dump but when I try and upload them Expedition fails with message "We need objects and policy files. Please upload them again."
How can I correctly import the CP config?
Thanks,
Shannon
... View more
04-13-2020
01:07 PM
1 Kudo
Hi, Thanks for the replies. I also found this article: http://michlstechblog.info/blog/windows-set-permissions-on-a-service/ This will resolve the issue but need to find a way to deploy it easily (eg via GPO). I will take a bit more detailed look at your suggestions as suspect a combination will provide the answer. Surprised PAN don't have tamper protection enabled natively, like is available in Traps. Thanks again, Shannon
... View more
04-06-2020
05:58 PM
Thanks Varun, " With 5.1 GlobalProtect App, as an admin, you can set Disable Option to Not Allow on Dynamic App Config on the firewall to prevent users from disabling GlobalProtect." Will that also prevent users from stopping the actual GP service? We already have it configured to stop users from disabling it through the GP App, and that works, but they have found they can simply go into services.msc and disable the service, then kill the GP app through task manager. This effectively allows them to completely turn off GP. The only difference there is we are currently using agent version 4.1.x not 5.1.
... View more
04-06-2020
04:32 PM
1 Kudo
Hi, We run always-on VPN. Our users have found they can disable GP by going to services.msc and disabling the service, then killing GP from task manager. Especially with everyone working from home at the moment this is quite a big deal and we need to find a way to prevent them from stopping the GP service (some kind of tamper protection similar to what Traps/XDR or other AV products have). Does anyone have any ideas on how we can stop this behaviour? Cheers, Shannon
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
Sunday
|
Likes Given To
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
